
Research Article
Deep Learning Based Adversarial Images Detection
@INPROCEEDINGS{10.1007/978-3-030-36402-1_30,
  author={Haiyan Liu and Wenmei Li and Zhuangzhuang Li and Yu Wang and Guan Gui},
  title={Deep Learning Based Adversarial Images Detection},
  proceedings={Advanced Hybrid Information Processing. Third EAI International Conference, ADHIP 2019, Nanjing, China, September 21--22, 2019, Proceedings, Part I},
  proceedings_a={ADHIP},
  year={2019},
  month={11},
  keywords={Adversarial detection, Deep learning, Ensemble model, Support vector machine (SVM), K-nearest neighbors (KNN), Random forest (RF)},
  doi={10.1007/978-3-030-36402-1_30}
}
- Haiyan Liu
- Wenmei Li
- Zhuangzhuang Li
- Yu Wang
- Guan Gui
Year: 2019
ADHIP
Springer
DOI: 10.1007/978-3-030-36402-1_30
Abstract
The threat of attacks against deep learning based networks is gradually increasing in computer vision. Adversarial examples or images are produced by intentionally applying a slight perturbation, which is not perceptible to humans but can confuse a deep learning based classifier. To enhance the robustness of image classifiers, we proposed several deep learning based algorithms (i.e., CNN-SVM, CNN-KNN, CNN-RF) to detect adversarial images. To improve the utilization rate of multi-layer features, an ensemble model based on two layers of features generated by the CNN is applied to detect adversarial examples. Accuracy, detection probability, false alarm probability and miss probability are used to evaluate our proposed algorithms. The results show that the ensemble model based on SVM achieves the best performance (i.e., 94.5%) among the methods when tested on a remote sensing image dataset.